Method, system and apparatus for secure access, payment and identification

US 8,001,055 B2
Filed: 02/21/2007
Issued: 08/16/2011
Est. Priority Date: 02/21/2006
Status: Active Grant

First Claim

Patent Images

1. A system for authenticating identities of a plurality of users to enable or prevent an occurrence of an event, the system comprising:

a first handheld device including;

a biometric sensor programmed to receive a biometric input provided by a user of the first handheld device;

a user interface programmed to receive a user input including secret information known to the user of the first handheld device;

a first wireless transceiver programmed to transmit via a network a first wireless signal including authentication information of a user of the first handheld device; and

a first processor programmed to authenticate the user of the first handheld device based on at least one of the biometric input and the secret information and to include in the authentication information of the user of the first handheld device at least a time-varying non-predictable value generated by the first processor;

a second handheld device including;

a biometric sensor programmed to receive a biometric input provided by a user of the second handheld device;

a user interface programmed to receive a user input including secret information known to the user of the second handheld device;

a second wireless transceiver programmed to transmit via the network a second wireless signal including authentication information of a user of the second handheld device, to communicate information identifying the user of the second handheld device to the first handheld device, and to receive information identifying the user of the first handheld device from the first handheld device; and

a second processor programmed to authenticate the user of the second handheld device based on at least one of the biometric input provided by the user of the second handheld device and the secret information known to the user of the second handheld device, and to include in the authentication information of the user of the second handheld device at least a time-varying non-predictable value generated by the second processor; and

a secure system in communication with each of the first handheld device and the second handheld device via the network, the secure system including;

a communication interface programmed to receive each of the authentication information of the user of the first device and the authentication information of the user of the second device via the network;

a database that stores authentication information concerning the plurality of users including at least a portion of biometric information for each of the plurality of users, respectively; and

a processor programmed to authenticate an identity of the user of the first handheld device, by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device, wherein the processor is programmed to authenticate an identity of the user of the second handheld device, by comparing the non-predictable value generated by the second handheld device to authentication information included in the database to determine whether the non-predictable value generated by the second handheld device corresponds to a user allowed to access the second handheld device,wherein the secure registry is programmed to transmit via the network a first non-predictable value to the first handheld device to authenticate the secure registry to the first handheld device,wherein the secure registry is programmed to transmit via the network a second non-predictable value to the second handheld device to authenticate the secure registry to the second handheld device,wherein the first wireless transceiver is programmed to transmit the information identifying the user of the second handheld device to the secure registry,wherein the second wireless transceiver is programmed to transmit the information identifying the user of the first handheld device to the secure registry,wherein the user interface of the first handheld device is programmed to display an image of the user of the second handheld device received from the secure registry via the network to allow the user of the first handheld device to enable an occurrence of the event, andwherein the user interface of the second handheld device is programmed to display an image of the user of the first handheld device received from the secure registry via the network to allow the user of the second handheld device to enable the occurrence of the event.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one aspect, the invention provides a system for validating an identity of a user to enable or prevent an occurrence of an event. In one embodiment, the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver, where the second device is configured to receive the validation information and further transmit the validation information; and a secure system in communication with the second device. According to one embodiment, the secure system includes a database. In a further embodiment, the secure system is configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event.

Citations

31 Claims

1. A system for authenticating identities of a plurality of users to enable or prevent an occurrence of an event, the system comprising:
- a first handheld device including;
  
  a biometric sensor programmed to receive a biometric input provided by a user of the first handheld device;
  
  a user interface programmed to receive a user input including secret information known to the user of the first handheld device;
  
  a first wireless transceiver programmed to transmit via a network a first wireless signal including authentication information of a user of the first handheld device; and
  
  a first processor programmed to authenticate the user of the first handheld device based on at least one of the biometric input and the secret information and to include in the authentication information of the user of the first handheld device at least a time-varying non-predictable value generated by the first processor;
  
  a second handheld device including;
  
  a biometric sensor programmed to receive a biometric input provided by a user of the second handheld device;
  
  a user interface programmed to receive a user input including secret information known to the user of the second handheld device;
  
  a second wireless transceiver programmed to transmit via the network a second wireless signal including authentication information of a user of the second handheld device, to communicate information identifying the user of the second handheld device to the first handheld device, and to receive information identifying the user of the first handheld device from the first handheld device; and
  
  a second processor programmed to authenticate the user of the second handheld device based on at least one of the biometric input provided by the user of the second handheld device and the secret information known to the user of the second handheld device, and to include in the authentication information of the user of the second handheld device at least a time-varying non-predictable value generated by the second processor; and
  
  a secure system in communication with each of the first handheld device and the second handheld device via the network, the secure system including;
  
  a communication interface programmed to receive each of the authentication information of the user of the first device and the authentication information of the user of the second device via the network;
  
  a database that stores authentication information concerning the plurality of users including at least a portion of biometric information for each of the plurality of users, respectively; and
  
  a processor programmed to authenticate an identity of the user of the first handheld device, by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device, wherein the processor is programmed to authenticate an identity of the user of the second handheld device, by comparing the non-predictable value generated by the second handheld device to authentication information included in the database to determine whether the non-predictable value generated by the second handheld device corresponds to a user allowed to access the second handheld device,wherein the secure registry is programmed to transmit via the network a first non-predictable value to the first handheld device to authenticate the secure registry to the first handheld device,wherein the secure registry is programmed to transmit via the network a second non-predictable value to the second handheld device to authenticate the secure registry to the second handheld device,wherein the first wireless transceiver is programmed to transmit the information identifying the user of the second handheld device to the secure registry,wherein the second wireless transceiver is programmed to transmit the information identifying the user of the first handheld device to the secure registry,wherein the user interface of the first handheld device is programmed to display an image of the user of the second handheld device received from the secure registry via the network to allow the user of the first handheld device to enable an occurrence of the event, andwherein the user interface of the second handheld device is programmed to display an image of the user of the first handheld device received from the secure registry via the network to allow the user of the second handheld device to enable the occurrence of the event.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the biometric input of the user of the first handheld device and the user of the second handheld device, respectively, comprise any one of a fingerprint of the respective user and a voice signature of the respective user.
  - 3. The system of claim 1, wherein the secret information of the users of the first handheld device and the second handheld device, respectively, comprise PINs.
  - 4. The system of claim 1, wherein the network includes a Bluetooth network for communication between the first handheld device and the second handheld device.
  - 5. The system of claim 1, wherein at least one of the authentication information of the first user and the authentication information of the second user includes encrypted authentication information.
  - 6. The system of claim 1, wherein each of the first handheld device and the second handheld device include any of a smart card, a cell phone, a pager, an ID badge, a watch, a personal computer, a personal digital assistant or a key fob.
  - 7. The system of claim 6, wherein each of the first handheld device and the second handheld device are provided in a form of an uncounterfeitable token, respectively.
  - 8. The system of claim 1, wherein the occurrence of the event results in a transfer of funds from an account of the user of the first handheld device.
  - 9. The system of claim 8, wherein the occurrence of the event results in a transfer of the funds to an account of the user of the second handheld device.
  - 10. The system of claim 1, wherein the wireless transceivers included in the first handheld device and the second handheld device, respectively, are programmed to wirelessly transmit via an RF signal including any of a Bluetooth signal, WiFi, near field communication or ultra-wideband communication.

11. A method employing a system to authenticate identities of a plurality of users for purposes of enabling or preventing an occurrence of an event, the system including a first handheld device, a second handheld device each including a wireless transceiver a user interface and a biometric sensor, respectively, and a secure system including a database, the secure system in communication with first handheld device and the second handheld device over a network, the method comprising acts of:
- authenticating, with the first handheld device, the user of the first device based on at least one of a biometric input received by the biometric sensor included in the first handheld device and secret information received by the user interface included in the first handheld device;
  
  generating authentication information including a time-varying non-predictable value with the first handheld device based on at least one of the biometric input and the secret information received by the first handheld device;
  
  transmitting the authentication information to the secure system over the network using the wireless transceiver of the first handheld device,authenticating, with the second handheld device, the user of the second device based on at least one of a biometric input received by the biometric sensor included in the second handheld device and secret information received by the user interface included in the second handheld device;
  
  generating authentication information including a time-varying non-predictable value with the second handheld device based on at least one of the biometric input and the secret information received by the second handheld device;
  
  transmitting the authentication information generated with the second handheld device to the secure system over the network using the wireless transceiver of the second handheld device,receiving with the wireless transceiver of the second device information identifying the user of the first handheld device wirelessly transmitted from the first handheld device;
  
  transmitting to the first handheld device, with the wireless transceiver of the second handheld device, information identifying the user of the second handheld device;
  
  transmitting to the first handheld device, from the secure system over the network, a first non-predictable value to authenticate the secure system to the first handheld device;
  
  transmitting to the second handheld device, from the secure system over the network, a second non-predictable value to authenticate the secure system to the second handheld device;
  
  receiving at the secure system from the first handheld device, over the network, the information identifying the user of the second handheld device;
  
  receiving at the secure system from the second handheld device, over the network, the information identifying the user of the first handheld device;
  
  authenticating an identity of the user of the first handheld device at the secure system by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device;
  
  authenticating an identity of the user of the second handheld device at the secure system by comparing the non-predictable value generated by the second handheld device to the authentication information included in the database to determine whether the non-predictable value generated by the second handheld device corresponds to a user allowed to access the second handheld device;
  
  receiving via the wireless transceiver at the first device an image of the user of the second device from the secure system to allow the user of the first handheld device to either enable or prevent the occurrence of the event; and
  
  receiving via the wireless transceiver at the second device an image of the user of the first device from the secure system to allow the user of the second handheld device to either enable or prevent the occurrence of the event.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 12. The method of claim 11, wherein the biometric input of the user of the first handheld device and the user of the second handheld device, respectively, comprise any one of a fingerprint of the respective user and a voice signature of the respective user.
  - 13. The method of claim 12, wherein the secret information of the users of the first handheld device and the second handheld device, respectively, comprise PINs.
  - 14. The method of claim 11, further comprising an act of receiving the biometric input, with the biometric sensor included in the first device, including any one of a fingerprint of the user of the first device and a voice signature of the user of the first device.
  - 15. The method of claim 11, further comprising receiving the secret information, with the user interface of the first device, including a PIN.
  - 16. The method of claim 11, further comprising communicating via a Bluetooth network between the first handheld device and the second handheld device.
  - 17. The method of claim 11, further comprising encrypting at least one of the authentication information of the first user and the authentication information of the second user.
  - 18. The method of claim 11, wherein each of the first handheld device and the second handheld device include any of a smart card, a cell phone, a pager, an ID badge, a watch, a personal computer, a personal digital assistant or a key fob.
  - 19. The method of claim 18, further comprising providing each of the first handheld device and the second handheld in a form of an uncounterfeitable token, respectively.
  - 20. The method of claim 11, further comprising transferring funds from an account of the user of the first handheld device at the occurrence of the event.
  - 21. The method of claim 20, further comprising transferring funds to an account of the user of the second handheld device at the occurrence of the event.
  - 22. The method of claim 11, further comprising programming the wireless transceivers included in the first handheld device and the second handheld device, respectively, to wirelessly transmit via an RF signal including any of a Bluetooth signal, WiFi, near field communication or ultra-wideband communication.

23. A system for authenticating identities of at least one entity to enable or prevent an occurrence of an event, the system comprising:
- a first handheld device including;
  
  a biometric sensor programmed to receive a biometric input provided by a user of the first handheld device;
  
  a user interface programmed to receive a user input including secret information known to the user of the first handheld device;
  
  a first wireless transceiver programmed to transmit via a network a first wireless signal including authentication information of a user of the first handheld device; and
  
  a first processor programmed to authenticate the user of the first handheld device based on at least one of the biometric input and the secret information and to include in the authentication information of the user of the first handheld device at least a time-varying non-predictable value generated by the first processor;
  
  a second device including;
  
  a user interface including a display;
  
  a second wireless transceiver programmed to transmit via the network a second wireless signal including authentication information of an entity associated with the second device, and to receive information identifying the user of the first handheld device from the first handheld device; and
  
  a second processor programmed to include in the authentication information of the entity associated with the second device at least a time-varying non-predictable value generated by the second processor; and
  
  a secure system in communication with each of the first handheld device and the second device via the network, the secure system including;
  
  a communication interface programmed to receive each of the authentication information of the user of the first device and the authentication information of the entity associated with the second device via the network;
  
  a database that stores authentication information concerning a plurality of users; and
  
  a processor programmed to authenticate an identity of the user of the first handheld device, by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device, wherein the processor is programmed to authenticate an identity of the entity associated with the second device, by comparing the non-predictable value generated by the second device to authentication information included in the database to determine whether the non-predictable value generated by the second device corresponds to an entity allowed to access the second device,wherein the secure registry is programmed to transmit via the network a first non-predictable value to the second device to authenticate the secure registry to the second device,wherein the second wireless transceiver is programmed to transmit the information identifying the user of the first handheld device to the secure registry, andwherein the user interface of the second device is programmed to display an image of the user of the first handheld device received from the secure registry via the network to allow a user of the second device to enable the occurrence of the event.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31)
- - 24. The system of claim 23, wherein the second device includes a point of sale device.
  - 25. The system of claim 24, wherein the occurrence of the event results in a transfer of funds from an account of the user of the first handheld device.
  - 26. The system of claim 25, wherein the entity includes a merchant;
    - andwherein the occurrence of the event results in a transfer of the funds to an account of the merchant.
  - 27. The system of claim 23, wherein the network includes a Bluetooth network for communication between the first handheld device and the second device.
  - 28. The system of claim 23, wherein the authentication information of the entity associated with the second device includes encrypted authentication information.
  - 29. The system of claim 23, wherein the first handheld device includes any of a smart card, a cell phone, a pager, an ID badge, a watch, a personal computer, a personal digital assistant or a key fob.
  - 30. The system of claim 23, wherein the network includes a Bluetooth network for communication between the first handheld device and the second device.
  - 31. The system of claim 23, wherein the network is configured for near-field communication between the first handheld device and the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Universal Secure Registry LLC
Original Assignee
Kenneth P. Weiss
Inventors
Weiss, Kenneth P.
Primary Examiner(s)
Fischer; Andrew J.
Assistant Examiner(s)
Cheung; Calvin K

Application Number

US11/677,490
Publication Number

US 20070198436A1
Time in Patent Office

1,637 Days
Field of Search

705/76
US Class Current

705/76
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G06F 21/6245   Protecting personal data, e...

G06F 2221/2115   Third party

G06Q 10/10   Office automation; Time man...

G06Q 20/3676   Balancing accounts

G06Q 20/3821   Electronic credentials

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/40145   Biometric identity checks

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

G07C 9/257   electronically G07C9/26 tak...

G07C 9/26   using a biometric sensor in...

G07C 9/27   with central registration

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0442   wherein the sending and rec...

H04L 63/068   using time-dependent keys, ...

H04L 63/08 : for authentication of entit...

H04L 63/083 : using passwords cryptograph...

H04L 63/0853 : using an additional device,...

H04L 63/0861 : using biometrical features,...

H04L 63/10 : for controlling access to d...

H04L 9/0891 : Revocation or update of sec...

H04L 9/3231 : Biological data, e.g. finge...

H04L 9/3247 : involving digital signatures

H04L 9/3271 : using challenge-response

H04W 12/03 : Protecting confidentiality,...

H04W 12/06 : Authentication

View All

Method, system and apparatus for secure access, payment and identification

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system and apparatus for secure access, payment and identification

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links